Stuxnet is in the hands of Bad Guys?!

Written on Thursday 25 November 2010

Hey! Do you like fear? Do you like bullshit headlines? Well, has Sky got news for you! “Super virus a target for cyber terrorists”, which bears the even more fascinating <title> tag of “Stuxnet Worm: Virus Targeted At Iran’s Nuclear Plant Is In Hands Of ‘Bad Guys’, Sky News Sources Say”, is their latest fantastical fearmongering piece. Let’s butcher it together.

Potentially – though there has been no admission from the nation that it was successful.

…has been traded on the black market…

Got any evidence, Sky? No? Okay then. Granted, it’s not infeasible, but it would be nice to know if you just made that up.

…and could be used by terrorists, according to Sky News sources.

CORN FLAKES COULD BE USED BY TERRORISTS! EVERYBODY PANIC!

Senior cyber-security figures have said the Stuxnet worm - the first to have been used to damage targets in the real world…

Almost certainly not, although the internet is not being helpful with sources of previous real-world virus damage (except to companies’ finances). There’s also no evidence that Stuxnet has caused any meatspace damage.

…could be used to attack any physical target which relies on computers.

Any physical target running Windows with attached SCADA controllers from one manufacturer controlling a certain number of frequency converter drives made by one of two companies running at certain frequencies. Unless they’re just referring to the Windows exploits Stuxnet uses rather than its payload, in which case… nope, every other OS is immune. (Source: Symantec)

The list of vulnerable installations is almost endless – they include power stations, food distribution networks, hospitals, traffic lights and even dams.

Again, Stuxnet in its known form will cause problems for none of those.

A senior IT security source said: “We have hard evidence that the virus is in the hands of bad guys – we can’t say any more than that but these people are highly motivated and highly skilled with a lot of money behind them.

You can’t say more because you’ve received threats from the FBI if you release this super-secret information that would be useful for protecting the world’s networks? Or because you’re making it up? Present evidence or GTFO.

“And they have realised that this kind of virus could be a devastating tool.”

Really?! Oh, gosh.

Will Gilpin, an IT security consultant to the UK Government said: “You could shut down the police 999 system.

“You could shut down hospital systems and equipment.

“You could shut down power stations, you could shut down the transport network across the United Kingdom.”

Again, I guess we’ve moved on to talking about a heavily modified payload rather than Stuxnet as it currently exists. And then, it’s only systems running Windows, and only until Microsoft patch the two (of five) remaining vulnerabilities that Stuxnet is known to exploit. (Source: F-Secure)

The Stuxnet attack on the Bushehr nuclear installation in Iran is believed to have been orchestrated by a country.

Now experts warn that the West is extremely vulnerable to similar attacks by criminal gangs seeking blackmail payouts or more likely by terrorist groups.

Criminal gangs and terrorists that have extremely detailed inside knowledge of manufacturing systems, which are probably not a common target for either group, and who are dumb enough to rely on a virus that we now have an extensive dossier on, which most virus scanners now detect and neutralise, and for which there are known cleaning methods.

Stewart Baker, a former assistant secretary with the US Department of Homeland Security, said: “They could shut down power systems, dams, almost any sophisticated industrial process that requires a control software. Which is practically everything.”

I think we’ve seen this point somewhere before.

There has been a rise in cyber attacks in recent years.

On April 8, 15% of all internet traffic was routed through China for 18 minutes in a mysterious incident the Chinese authorities have denied any part in.

Because it was probably an accident rather than an attack, and it’s not as if routing through China is unusual – the event was merely an unexpected spike. There has been no suggestion that any unencrypted sensitive data was intercepted by China during that time. (Source: BGPmon, plus the more knowledgeable comments on Slashdot and Reddit.)

The Royal Navy’s website was shut down on November 5, allegedly by a Romanian hacker.

In October, the UK Government declared cyber warfare to be a “tier 1” threat to national security.

Are those… could they possibly be… facts?! My god.

But experts say a more co-ordinated effort is needed to tackle attacks, along the lines of the Cyber Command agency set up in the US this year.

It’s the most reasonable opinion in the article, and it’s the one you don’t provide a named source for?

So, er, thanks, Sky News. I feel so enlightened now.

If you’re looking for some more amusement, the YouTube-calibre comments section is pure Retarded Internet Commenter gold, too.